Legal claims defining the scope of protection. Each claim is shown in both the original legal language and a plain English translation.
1. A method comprising: retrieving, by a first device and from a second device, a digital rights management (DRM) key for accessing content on the second device; using, by the first device, the DRM key to decrypt encrypted authentication information stored on the first device; and using, by the first device, the decrypted authentication information to provide access to a service on the first device by generating a local key from the decrypted authentication information and decrypting an encrypted set of user data using the local key, the service being independent of accessing the content using the DRM key.
This invention relates to secure content access and service authentication in digital systems. The problem addressed is the need to securely manage access to both protected content and independent services on a device while ensuring proper authentication without compromising security. The solution involves a method where a first device retrieves a digital rights management (DRM) key from a second device. This DRM key is used to decrypt encrypted authentication information stored on the first device. The decrypted authentication information is then used to provide access to a service on the first device. Specifically, the first device generates a local key from the decrypted authentication information and uses this local key to decrypt an encrypted set of user data. The service accessed in this manner operates independently of the content accessed using the DRM key, ensuring that the authentication process for the service does not rely on the DRM key itself. This approach enhances security by separating the authentication mechanism for the service from the DRM-protected content, reducing the risk of unauthorized access to either. The method ensures that only authorized users can access both the protected content and the independent service, maintaining a secure and user-specific environment.
2. The method of claim 1 , wherein providing access to the service comprises removing a screen lock on the first device.
A system and method for securely accessing a service on a first device using a second device involves establishing a secure communication channel between the two devices. The first device, which may be a computer or mobile device, is configured to detect the presence of the second device, such as a smartphone or wearable device, within a predefined proximity range. Upon detection, the first device initiates a secure pairing process, which may include authentication of the second device using cryptographic keys or biometric verification. Once authenticated, the second device sends a request to the first device to access a specific service, such as an application or system function. The first device verifies the request and grants access by removing any existing screen lock, allowing the user to interact with the service without manual authentication. This method enhances security by leveraging proximity-based authentication while simplifying user access to services on the first device. The system may also include additional security measures, such as time-based access restrictions or activity monitoring, to prevent unauthorized use. The invention is particularly useful in environments where quick and secure access to services is required, such as in enterprise or healthcare settings.
3. The method of claim 1 , wherein the DRM key is retrieved as a part of a high-bandwidth digital content protection (HDCP) scheme.
A system and method for securely distributing digital content involves retrieving a digital rights management (DRM) key as part of a high-bandwidth digital content protection (HDCP) scheme. The HDCP scheme ensures secure transmission of content between devices, such as from a source device to a display or playback device, by encrypting the content and requiring authenticated devices to decrypt it. The DRM key, which controls access to the content, is embedded within the HDCP-protected transmission, ensuring that only authorized devices can retrieve and use the key. This integration of DRM key retrieval within HDCP enhances security by reducing the risk of key interception or unauthorized access during transmission. The method may also include verifying the authenticity of the receiving device before transmitting the encrypted content and key, further strengthening protection against piracy. The approach is particularly useful in environments where high-value digital media, such as movies or software, must be securely distributed while maintaining compatibility with existing HDCP-compliant hardware.
4. The method of claim 1 , wherein providing access to the service comprises directing the first device to play another content.
A system and method for managing access to a service involves controlling access based on user authentication and device capabilities. The method includes receiving a request from a first device to access a service, verifying the identity of the user associated with the device, and determining whether the device meets predefined criteria for service access. If the device does not meet the criteria, access is denied. If the device meets the criteria, access is granted, and the service is provided. In some cases, providing access includes directing the first device to play alternative content, such as advertisements or promotional material, before or during the service. The alternative content may be selected based on user preferences, device capabilities, or other factors. The system ensures that only authorized users with compatible devices can access the service, while also allowing for controlled distribution of additional content. This approach enhances security and user experience by tailoring content delivery to the device and user context.
5. The method of claim 4 , wherein the content is audio content or video content stored on the first device.
This invention relates to a system for managing and processing digital content, specifically audio or video files stored on a computing device. The system addresses the challenge of efficiently organizing, accessing, and processing multimedia content by implementing a structured approach to content management. The method involves storing audio or video content on a first device, such as a smartphone, tablet, or computer, and then processing this content to extract metadata or perform other operations. The system may include additional steps such as transferring the content to a second device for further processing or storage, ensuring that the content remains accessible and manageable across multiple devices. The invention aims to improve user experience by streamlining content handling, reducing storage constraints, and enhancing accessibility. The method may also involve analyzing the content to generate metadata, which can be used for indexing, searching, or categorizing the files. By integrating these features, the system provides a comprehensive solution for managing multimedia content in a digital environment.
6. The method of claim 4 , wherein the content is streaming audio content or streaming video content that the first device retrieves from a third device communicatively coupled to the first device through a network.
This invention relates to streaming media content, specifically audio or video, from a remote source to a local device. The problem addressed is the efficient and synchronized delivery of streaming content from a third-party device over a network to a first device, ensuring seamless playback without interruptions or delays. The method involves retrieving streaming audio or video content from a third device, which is connected to the first device via a network. The content is then processed and delivered to the first device for playback. The system ensures that the streaming content is received in real-time or near real-time, maintaining synchronization between the source and the playback device. This method is particularly useful in applications where low-latency and high-quality streaming are critical, such as live broadcasts, video conferencing, or on-demand media services. The invention may also include additional features such as buffering mechanisms to handle network fluctuations, adaptive bitrate streaming to adjust quality based on network conditions, and error correction to mitigate data loss during transmission. These enhancements ensure a smooth and uninterrupted streaming experience, even under varying network conditions. The system is designed to be scalable, supporting multiple devices and users simultaneously without compromising performance.
7. The method of claim 1 , wherein the decrypted authentication information comprises a decrypted parameter that is stored on the first device.
This method involves decrypting some security information, and then saving a part of that decrypted information on the device that did the decrypting.
8. The method of claim 7 , wherein the decrypted parameter is at least one of a decryption key, a service-access token, or a password.
A method for securely managing and utilizing decrypted parameters in a computing system involves decrypting an encrypted parameter stored in a memory of a computing device. The decrypted parameter is then used to access a service or resource. The decrypted parameter may include sensitive information such as a decryption key, a service-access token, or a password. The method ensures that the decrypted parameter is only accessible for a limited duration or under specific conditions, enhancing security by preventing unauthorized access or prolonged exposure of sensitive data. The system may include a secure memory module to store the encrypted parameter and a processing unit to perform the decryption and access operations. The method may also involve validating the decrypted parameter before use, ensuring its integrity and authenticity. This approach mitigates risks associated with storing or transmitting sensitive information in plaintext, reducing vulnerabilities to attacks such as interception or unauthorized access. The method is particularly useful in environments where secure access to services or resources is required, such as cloud computing, financial transactions, or enterprise systems.
9. The method of claim 7 , wherein using the decrypted parameter comprises: generating the local key from the decrypted parameter.
A system and method for secure key generation involves decrypting a parameter to derive a local key for cryptographic operations. The invention addresses the challenge of securely generating and managing cryptographic keys in distributed or untrusted environments. The method includes receiving an encrypted parameter, decrypting it using a predefined decryption process, and then generating a local key from the decrypted parameter. The decrypted parameter may contain key material, a seed value, or other data used to construct the local key. The local key is then used for subsequent cryptographic operations, such as encryption, decryption, authentication, or digital signatures. The system ensures that the local key is derived only after successful decryption, enhancing security by preventing unauthorized key generation. The method may be applied in secure communication protocols, access control systems, or any scenario requiring secure key derivation from encrypted inputs. The invention improves upon existing key management techniques by integrating decryption and key generation into a single, secure process, reducing the risk of key exposure or tampering.
10. The method of claim 7 , wherein the decrypted parameter is an access control parameter for restricting access to the first device, wherein the access control parameter is a passcode or a gesture input.
A method for secure device access control involves decrypting an encrypted parameter stored on a first device to obtain an access control parameter. This access control parameter restricts access to the first device and can be either a passcode or a gesture input. The decryption process uses a decryption key derived from a user's biometric data, such as a fingerprint or facial recognition, captured by a sensor on the first device. The biometric data is processed to generate a biometric template, which is then used to derive the decryption key. The encrypted parameter is stored in a secure memory location on the first device, ensuring that only authorized users with valid biometric data can decrypt it. Once decrypted, the access control parameter is used to verify the user's identity before granting access to the device. This method enhances security by eliminating the need for traditional passcodes or gesture inputs to be stored in plaintext, reducing the risk of unauthorized access. The system ensures that the decryption key is only generated when the user's biometric data matches the stored template, providing an additional layer of protection.
11. A non-transitory machine readable medium storing a program which when executed by at least one processor, causes the at least one processor to perform operations, the program comprising sets of instructions for: retrieving, by a first device and from a second device, a digital rights management (DRM) key for accessing content on the second device; and using, by the first device, the DRM key to decrypt encrypted authentication information stored in a memory of the first device to provide access to a service on the first device by generating a local key from the decrypted authentication information and decrypting an encrypted set of user data using the local key, the service being distinct from accessing the content using the DRM key.
This invention relates to digital rights management (DRM) systems and secure access to services on electronic devices. The problem addressed is securely managing access to services on a first device while leveraging DRM keys retrieved from a second device, ensuring that authentication and user data remain protected even if the first device is compromised. The system involves a non-transitory machine-readable medium storing a program that, when executed by a processor, performs operations for secure service access. A first device retrieves a DRM key from a second device, which is used to access content on the second device. The first device then uses this DRM key to decrypt encrypted authentication information stored in its own memory. The decrypted authentication information is processed to generate a local key, which is then used to decrypt an encrypted set of user data. This decrypted user data enables access to a service on the first device, distinct from the content accessed using the DRM key. The approach ensures that even if the first device is compromised, the authentication and user data remain secure due to the layered encryption and key derivation process. The system enhances security by separating the DRM key used for content access from the keys used for service authentication and user data protection.
12. The non-transitory machine readable medium of claim 11 , wherein the program further comprises sets of instructions for: determining that the second device communicatively couples to the first device and has the DRM key that allows access to the service on the first device; wherein retrieving the DRM key from the second device is performed after the determination that the second device communicatively couples to the first device and has the DRM key.
This invention relates to digital rights management (DRM) systems for securely transferring access rights between devices. The problem addressed is ensuring that a first device can securely retrieve a DRM key from a second device to access a restricted service, while preventing unauthorized access. The solution involves a non-transitory machine-readable medium containing instructions for a program that operates on a first device. The program includes instructions for determining whether a second device is communicatively coupled to the first device and possesses a valid DRM key that grants access to a service on the first device. Only after confirming this connection and key possession does the program proceed to retrieve the DRM key from the second device. This ensures that the key transfer occurs only under secure conditions, preventing unauthorized access. The system may also include additional instructions for managing the DRM key, such as validating its authenticity or restricting its use to specific services or devices. The invention enhances security by verifying device connectivity and key availability before retrieval, reducing the risk of unauthorized access to protected content or services.
13. The non-transitory machine readable medium of claim 12 , wherein the program further comprises a set of instructions for, before the determination that the second device communicatively couples to the first device and has the DRM key, determining that the first device stores an encrypted access control parameter that is encrypted using a DRM key from another device.
This invention relates to digital rights management (DRM) systems for securely managing access control parameters in a networked environment. The problem addressed is ensuring secure and authorized access to encrypted content or resources when devices with different DRM keys interact. The solution involves a non-transitory machine-readable medium containing instructions for a program that verifies the presence of a DRM key on a second device before allowing communication with a first device. Additionally, the program includes instructions to check whether the first device stores an encrypted access control parameter that was encrypted using a DRM key from another device. This ensures that the access control parameter remains secure and can only be decrypted by a device possessing the correct DRM key. The system prevents unauthorized access by verifying the DRM key before allowing communication and by ensuring that access control parameters are encrypted with valid DRM keys. This approach enhances security in DRM systems by enforcing strict key validation and encryption requirements.
14. The non-transitory machine readable medium of claim 12 , wherein the program further comprises sets of instructions for: before the determination that the second device communicatively couples to the first device and has the DRM key, determining that the first device stores a plurality of encrypted access control parameters that are each encrypted by using a DRM key from one of a plurality of other devices that have previously communicatively coupled with to the first device; and wherein determining that the second device communicatively couples to the first device comprises determining whether any of the previously communicatively coupled devices is currently communicatively coupled to the first device.
A system and method for managing digital rights management (DRM) keys and access control parameters in a networked environment. The invention addresses the challenge of securely sharing and validating DRM keys among devices to control access to protected content. When a second device connects to a first device, the system verifies whether the second device possesses a valid DRM key required for access. Before this verification, the system checks if the first device stores multiple encrypted access control parameters, each encrypted using a DRM key from previously connected devices. The system then determines whether any of these previously connected devices are currently connected to the first device. This ensures that only authorized devices with valid DRM keys can access the protected content, enhancing security and access control in a multi-device environment. The solution improves upon existing DRM systems by dynamically verifying device connections and key validity, reducing unauthorized access risks.
15. The non-transitory machine readable medium of claim 14 , wherein the program further comprises a set of instructions for providing a prompt to provide an access control parameter to access the service when it is determined that none of the previously coupled devices are currently coupled to the first device.
This invention relates to a non-transitory machine-readable medium containing a program for managing access to a service provided by a first device. The program includes instructions for determining whether any previously coupled devices are currently connected to the first device. If no previously coupled devices are detected, the program provides a prompt to input an access control parameter, such as a password or authentication code, to grant access to the service. The program may also include instructions for storing data associated with the service, such as user preferences or usage history, and for retrieving this data when a previously coupled device reconnects. The system ensures secure access control by requiring authentication when no trusted devices are present, while streamlining access for previously authenticated devices. The invention is particularly useful in environments where multiple devices interact with a central service, such as smart home systems, enterprise networks, or cloud-based applications. The solution addresses the need for balancing security and convenience by dynamically adjusting authentication requirements based on device coupling history.
16. The non-transitory machine readable medium of claim 15 , wherein the access control parameter includes at least one of a username, password, passcode, gesture input, and service-access token.
The invention relates to access control systems for secure data management, particularly focusing on authentication mechanisms to prevent unauthorized access. The system involves a non-transitory machine-readable medium storing instructions that, when executed, implement an access control mechanism. This mechanism enforces access restrictions by evaluating access control parameters, which include at least one of a username, password, passcode, gesture input, or service-access token. The system verifies these parameters against predefined criteria to determine whether a user or device is authorized to access specific data or services. The access control parameter may be a single factor (e.g., a password) or a combination of factors (e.g., username and gesture input) to enhance security. The system dynamically adjusts access permissions based on the evaluation of these parameters, ensuring that only authenticated and authorized entities can proceed. This approach mitigates risks associated with unauthorized access, such as data breaches or unauthorized modifications, by enforcing strict authentication protocols. The invention is particularly useful in environments where secure data handling is critical, such as financial systems, healthcare records, or enterprise networks.
17. The non-transitory machine readable medium of claim 11 , wherein the first device is a streaming media player and the second device is a monitor or projector.
A system and method for managing media playback involves a first device, such as a streaming media player, and a second device, such as a monitor or projector. The first device processes media content, including video and audio data, and generates a video stream and an audio stream. The second device receives the video stream and displays the corresponding video content. The system ensures synchronization between the video and audio streams, even when the second device introduces delays in processing the video stream. To achieve this, the first device embeds timing information into the video stream, which the second device uses to adjust playback timing. The system also compensates for network latency and processing delays in the second device, ensuring that the audio and video remain in sync. This approach is particularly useful in environments where the second device may introduce variable delays, such as in professional AV setups or home theater systems. The solution improves the reliability of synchronized media playback across different devices.
18. The non-transitory machine readable medium of claim 11 , wherein the first device is a mobile device and the second device is an information system of a vehicle, wherein the set of instructions for using the DRM key comprises a set of instructions for allowing the information system to access content on the first device.
This invention relates to digital rights management (DRM) systems for securely sharing content between a mobile device and a vehicle's information system. The problem addressed is the need for secure content access between these devices while maintaining DRM protections. The solution involves a non-transitory machine-readable medium storing instructions that enable a mobile device to share DRM-protected content with a vehicle's information system. The instructions include steps for generating and using a DRM key to authorize access. The key allows the vehicle's system to securely access and use content stored on the mobile device, such as media files, while ensuring compliance with DRM policies. The system ensures that only authorized devices can access the content, preventing unauthorized distribution or use. The invention also includes mechanisms for validating the DRM key and managing access permissions, ensuring that content remains protected even when transferred between devices. This approach enhances user experience by enabling seamless content sharing while maintaining security and compliance with DRM requirements.
19. The non-transitory machine readable medium of claim 11 , wherein the retrieved DRM key is received from the second device as a part of a key exchange process.
A system and method for secure digital rights management (DRM) key retrieval involves a first device and a second device, where the first device requests a DRM key from the second device. The second device retrieves the DRM key from a secure storage location and transmits it to the first device as part of a key exchange process. The key exchange process ensures secure transmission of the DRM key between the devices, protecting it from unauthorized access. The system may include additional security measures, such as encryption, authentication, or authorization protocols, to further safeguard the DRM key during transmission. The DRM key is used to decrypt or access protected digital content, ensuring that only authorized users or devices can access the content. The system may be implemented in various applications, such as streaming services, digital media distribution, or secure communication systems, where secure key management is essential. The key exchange process may involve cryptographic protocols, such as Diffie-Hellman or RSA, to securely exchange the DRM key between the devices. The system may also include mechanisms to verify the integrity and authenticity of the DRM key, ensuring that it has not been tampered with during transmission. The secure storage location may be a hardware security module (HSM), a secure enclave, or a trusted platform module (TPM), providing a high level of security for the DRM key. The system may also include mechanisms to revoke or update the DRM key, ensuring that it remains secure and up-to-date. The system may be implemented in various computing environments, such as cloud computing, edge computing, or IoT devices, where secure key management is critical. The system may also include mechanisms to monitor and audit the use of the DRM
20. The non-transitory machine readable medium of claim 11 , wherein the DRM key is a first DRM key, the program further comprising sets of instructions for: from a third device communicatively coupled to the first device, retrieving a second DRM key for accessing content on the third device; and using the second DRM key to provide access to the service on the first device.
This invention relates to digital rights management (DRM) systems for securely accessing content across multiple devices. The problem addressed is the need to manage DRM keys efficiently when a user wants to access content or services on one device that are protected by a DRM key stored on another device. The solution involves a non-transitory machine-readable medium storing a program with instructions for handling DRM keys across devices. The program includes instructions for retrieving a first DRM key from a second device, where the first DRM key is used to access content or services on the first device. Additionally, the program retrieves a second DRM key from a third device, which is communicatively coupled to the first device. The second DRM key is used to access content on the third device. The program then uses the second DRM key to provide access to a service on the first device. This allows seamless access to protected content or services across multiple devices by dynamically retrieving and applying the necessary DRM keys. The system ensures that the appropriate DRM key is used based on the device from which the content or service is being accessed, enhancing security and usability.
21. The non-transitory machine readable medium of claim 11 , wherein the key is retrieved as a part of a high-bandwidth digital content protection (HDCP) scheme.
A system and method for secure key retrieval in digital content protection involves a non-transitory machine-readable medium storing instructions that, when executed, perform operations to retrieve a cryptographic key as part of a high-bandwidth digital content protection (HDCP) scheme. The key is used to decrypt protected digital content, ensuring secure transmission and playback. The system includes a key management module that authenticates devices involved in the content distribution chain, verifies their authorization, and securely retrieves the key from a trusted source. The key retrieval process is integrated into the HDCP protocol, which enforces encryption and authentication mechanisms to prevent unauthorized access. The system may also include error handling to manage failed key retrieval attempts, ensuring robust security. The overall solution addresses the challenge of securely distributing decryption keys in high-bandwidth digital content environments, such as streaming media or high-definition video playback, where unauthorized access could lead to piracy or content leakage. The integration with HDCP ensures compliance with industry-standard protection mechanisms while maintaining seamless user experience.
22. A device comprising: a memory configured to store encrypted authentication information; and at least one processor configured to: retrieve, from another device, a key for accessing content on the other device; and use the key to decrypt the encrypted authentication information stored in the memory; and use the decrypted authentication information to provide access to a service on the device by generating a local key from the decrypted authentication information and decrypting an encrypted set of user data using the local key, the service being distinct from accessing the content on the other device using the key.
A device is disclosed for securely managing authentication and user data access. The device addresses the challenge of securely storing and retrieving authentication credentials while enabling access to distinct services without exposing sensitive information. The device includes a memory storing encrypted authentication information and at least one processor. The processor retrieves a key from another device, which is used to access content on that device. The same key decrypts the encrypted authentication information stored locally. The decrypted authentication information is then used to provide access to a service on the device by generating a local key from the decrypted data. This local key decrypts an encrypted set of user data, enabling service access. The service is distinct from the content access on the other device, ensuring separation of concerns and enhanced security. The system ensures that authentication credentials remain protected while allowing controlled access to user-specific data for authorized services. This approach prevents unauthorized access to sensitive information while maintaining usability for legitimate services.
23. The device of claim 22 , wherein the key is retrieved as a part of a high-bandwidth digital content protection (HDCP) scheme.
A system for secure content distribution involves a device that retrieves a cryptographic key as part of a high-bandwidth digital content protection (HDCP) scheme. The device includes a processor and a memory storing instructions that, when executed, perform operations to authenticate a content source and establish a secure communication channel. The authentication process involves verifying digital certificates or other cryptographic credentials to ensure the source is authorized. Once authenticated, the device retrieves the cryptographic key from the content source using the HDCP protocol, which is designed to protect high-definition digital content during transmission. The key is then used to decrypt or verify the integrity of the content, ensuring it remains secure during distribution. The system may also include additional security measures, such as key rotation or session-based encryption, to further enhance protection against unauthorized access. This approach ensures that only authorized devices can access and process the content, preventing piracy and unauthorized redistribution. The HDCP scheme integrates with existing digital rights management (DRM) frameworks to provide a comprehensive security solution for high-value digital media.
Unknown
June 16, 2020
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.